Software Compliance: Often Easier Said Than Done

Karen Schwartz is a freelance technology writer based in the Washington D.C. area.

While software license agreements have always been a source of bewilderment, the growing number of confusing clauses and licensing options, combined with new technologies that further muddy the waters, have made software compliance more difficult to achieve than ever. Even a technology refresh or optimization of the environment could cause an enterprise to fall out of compliance.

Among the top reasons why software compliance can be a major challenge for any organization:

License rights are increasingly hard to decipher: It should be a simple matter to read an agreement and understand what an organization is actually getting for the money, but that’s not the case. Software vendors can have dozens of different permutations and options regarding license rights, and each has its own idiosyncrasies. What’s more, one size doesn’t fit all; each software vendor uses different terminology and provides different options. Just because a company finally understands its Oracle license rights doesn’t mean that it will understand its Microsoft license rights.

Counting is more difficult than 1-2-3: Both user licensing and access licensing are more complicated than ever. For example, if an organization buys a software license for a server, is that a per-user software license or a per-device software license?

Virtualization changes everything: If an organization has a software license for a server and then creates a virtual instance of that server, does it need additional software licenses for each virtual instance? It depends on the situation and the vendor. One vendor may allow a customer to install an unlimited number of virtual environments on a physical box while others may limit the number or prohibit it altogether. Virtualization is so confusing in the realm of software licensing that an IDC survey, sponsored by Flexera Software, found that 43 percent of organizations don’t have sufficient processes and automation in place to manage their virtual licenses, increasing the risk that they will fall out of compliance.

Cloud computing adds to the confusion: While some cloud computing models don’t present much of an issue, others, such as infrastructure as a service (IaaS) and platform as a service (PaaS), do because the cloud provider is delivering the service. Software vendors approach cloud licenses differently, so it pays to read the license carefully. Some, for example, charge per processor or core that the software runs on, while others charge per named or concurrent user.

The rise of multi-core processors complicates matters: As servers with multiple processors have become the norm, each software vendor has developed a different way of addressing the issue. Some require licenses for every processor, while others require only one license per server. Knowing what the license specifies is essential to remaining in compliance.

Mobility adds to software audit concerns: While mobile devices deliver great productivity benefits, they present challenges in terms of software licensing. Most enterprise software vendors publish mobile versions of their apps. However, many organizations may not have the licenses in place for all of the devices using a piece of software. Even if they do, it’s difficult to track. The challenge is easy to recognize; according to a study on mobile asset management by the International Association of IT Asset Managers. According to the study, nearly 75 percent of IT asset managers surveyed find licensing and management of mobile device assets to be a challenge. An IDC survey found that nearly half of businesses expect to have to change their approach to licensing because of an increased use of mobile devices for work-related activities.